using Backoffice.Application.Services;
using BackOffice.Application.Dtos;
using BackOffice.Application.DTOs;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Mvc;

namespace Backoffice.Api.Controllers;

[ApiController]
[Route("api/[controller]")]
public class AuthController : ControllerBase
{
    private readonly AuthService _authService;
    public AuthController(AuthService authService) => _authService = authService;

    [HttpPost("register")]
    public async Task<IActionResult> Register([FromBody] RegisterDto dto)
    {
        try
        {
            var result = await _authService.RegisterAsync(dto);
            return Ok(result);
        }
        catch (Exception ex)
        {
            return BadRequest(new { success = false, message = ex.Message });
        }
    }

    [HttpPost("login")]
    public async Task<IActionResult> Login([FromBody] LoginDto dto) {
        try
        {
            var user = await _authService.LoginAsync(dto, HttpContext);
            if (user == null)
                return Unauthorized("用户名或密码错误");

            return Ok(user);
        }
        catch (Exception ex)
        {
            return BadRequest(new { success = false, message = ex.Message });
        }
    }
        
        

    [Authorize]
    [HttpPost("logout")]
    public IActionResult Logout() => Ok("已退出登录");

    [Authorize]
    [HttpGet("validate")]
    public IActionResult ValidateToken()
    {
        try
        {
#pragma warning disable CS8604 // 引用类型参数可能为 null。
            var isValid = _authService.ValidateToken(Request.Headers.Authorization);
#pragma warning restore CS8604 // 引用类型参数可能为 null。
            return Ok(new { IsValid = isValid });
        }
        catch (Exception ex)
        {
            return BadRequest(ex.Message);
        }
    }
    [HttpGet("tree")]
public async Task<IActionResult> GetAuthTree()
{
    try
    {
        var authTree = await _authService.GetAuthTreeAsync();
        return Ok(authTree);
    }
    catch (Exception ex)
    {
        return BadRequest(ex.Message);
    }
}

    [HttpPost("reset-password")]
    public async Task<IActionResult> ResetPassword([FromBody] ResetPasswordDto dto)
    {
        try
        {
            var result = await _authService.ResetPasswordAsync(dto);
            return Ok(result);
        }
        catch (Exception ex)
        {
            return BadRequest(ex.Message);
        }
    }

    [HttpPost("send-verification-code")]
    public async Task<IActionResult> SendVerificationCode([FromBody] SendVerificationCodeDto dto)
    {
        try
        {
            var result = await _authService.SendVerificationCodeAsync(dto);
            return Ok(result);
        }
        catch (Exception ex)
        {
            return BadRequest(ex.Message);
        }
    }

    [HttpPost("fix-passwords")]
    public async Task<IActionResult> FixPasswords()
    {
        try
        {
            // 这里需要注入DataFixService，暂时直接调用AuthService中的修复方法
            var result = await _authService.FixPasswordHashesAsync();
            return Ok(new { Success = result, Message = "密码修复完成" });
        }
        catch (Exception ex)
        {
            return BadRequest(ex.Message);
        }
    }
}